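Tomcat security manager -- c3p0 and Hibernate

Time: 2011-06-09 08:24:42

Tags: java mysql security hibernate tomcat

I am using a server with Tomcat security enabled, and I am using Hibernate 3 with c3p0. Below is my policy in catalina.policy (I found these lines on the web and changed them slightly):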

grant codeBase "file:${catalina.base}/webapps/omiccir/-" 
{

    /////////////// FilePermission ////////// 
    permission java.io.FilePermission "${catalina.home}/log4j.properties", "read"; 
    permission java.io.FilePermission "${catalina.home}/logging.properties", "read"; 
    permission java.io.FilePermission "${catalina.home}/hibernate.properties", "read"; 
    permission java.io.FilePermission "${java.home}/lib/xerces.properties", "read"; 
    //permission java.io.FilePermission "opproject.log", "write"; 
    //permission java.io.FilePermission "${catalina.home}/Onepoint Project Home/-", "read, write, delete"; 


    // FIXME line below is VERY system specific, take care! 
    permission java.io.FilePermission "/tmp/tomcat6-tmp", "write"; 


    // thought it was java.io.tmpdir, but may be wrong // 
    permission java.io.FilePermission "${java.io.tmpdir}/tomcat6-tmp", "write"; 


    /////////////// LoggingPermission ////////// 
    permission java.util.logging.LoggingPermission "control"; 


    /////////////// PropertyPermission ////////// 
    permission java.util.PropertyPermission "org.apache.cxf.Logger", "read"; 
    permission java.util.PropertyPermission "org.apache.commons.logging.*", "read"; 
    permission java.util.PropertyPermission "log4j.*", "read"; 
    permission java.util.PropertyPermission "logger.home", "read"; 
    permission java.util.PropertyPermission "user.*", "read"; 
    permission java.util.PropertyPermission "org.apache.xerces.*", "read"; 
    permission java.util.PropertyPermission "ONEPOINT_PROJECT_HOME", "read"; 
    permission java.util.PropertyPermission "com.sun.xml.bind.v2.*", "read"; 
    permission java.util.PropertyPermission "com.sun.xml.bind.v2.runtime.JAXBContextImpl.fastBoot", "write"; 
    permission java.util.PropertyPermission "cglib.debugLocation", "read"; 
    permission java.util.PropertyPermission "org.dom4j.*", "read"; 
    permission java.util.PropertyPermission "c3p0.*", "read"; 
    permission java.util.PropertyPermission "net.sf.ehcache.*", "read"; 
    permission java.util.PropertyPermission "ANTLR_DO_NOT_EXIT", "read"; 
    permission java.util.PropertyPermission "ANTLR_USE_DIRECT_CLASS_LOADING", "read"; 


    /////////////// RuntimePermission ////////// 
    permission java.lang.RuntimePermission "accessClassInPackage.sun.jdbc.odbc"; 
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.http"; 
    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.http.res"; 
    permission java.lang.RuntimePermission "accessClassInPackage.sun.reflect.generics.reflectiveObjects"; 
    permission java.lang.RuntimePermission "accessClassInPackage.sun.util.calendar"; 
    permission java.lang.RuntimePermission "defineClassInPackage.java.lang"; 
    permission java.lang.RuntimePermission "getClassLoader"; 
    permission java.lang.RuntimePermission "getProtectionDomain"; 



    /////////////// ReflectPermission ////////// 
    permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; 

    permission java.net.SocketPermission "*", "resolve"; 
    permission java.net.SocketPermission "localhost:5432", "connect,resolve"; 

    //What is this line??
    //permission java.net.SocketPermission "www.onepoint.at:80", "connect,resolve"; 


    /////////////// MBean...Permission ///////// 
    permission javax.management.MBeanServerPermission "createMBeanServer"; 
    permission javax.management.MBeanPermission "com.mchange.v2.c3p0.*", "*"; 
    permission javax.management.MBeanTrustPermission "register"; 


    permission java.util.PropertyPermission "*", "read,write"; 
}

I don't know what is wrong, but there seems to be a problem with c3p0, and it goes away when I use Tomcat without the security manager.

Here is my stack trace:

org.apache.jasper.JasperException: org.hibernate.exception.GenericJDBCException: Cannot open connection
    org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:491)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:419)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

root cause

org.hibernate.exception.GenericJDBCException: Cannot open connection
    org.hibernate.exception.SQLStateConverter.handledNonSpecificException(SQLStateConverter.java:140)
    org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:128)
    org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:66)
    org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:52)
    org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:449)
    org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
    org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:160)
    org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:81)
    org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1473)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:345)
    $Proxy4.beginTransaction(Unknown Source)
    ir.omicc.classes.Publisher.getTop5News(Publisher.java:100)
    org.apache.jsp.index_jsp._jspService(index_jsp.java:229)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

root cause

java.sql.SQLException: Connections could not be acquired from the underlying database!
    com.mchange.v2.sql.SqlUtils.toSQLException(SqlUtils.java:106)
    com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:529)
    com.mchange.v2.c3p0.impl.AbstractPoolBackedDataSource.getConnection(AbstractPoolBackedDataSource.java:128)
    org.hibernate.connection.C3P0ConnectionProvider.getConnection(C3P0ConnectionProvider.java:78)
    org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:446)
    org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
    org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:160)
    org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:81)
    org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1473)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:345)
    $Proxy4.beginTransaction(Unknown Source)
    ir.omicc.classes.Publisher.getTop5News(Publisher.java:100)
    org.apache.jsp.index_jsp._jspService(index_jsp.java:229)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

root cause

com.mchange.v2.resourcepool.CannotAcquireResourceException: A ResourcePool could not acquire a resource from its primary factory or source.
    com.mchange.v2.resourcepool.BasicResourcePool.awaitAvailable(BasicResourcePool.java:1319)
    com.mchange.v2.resourcepool.BasicResourcePool.prelimCheckoutResource(BasicResourcePool.java:557)
    com.mchange.v2.resourcepool.BasicResourcePool.checkoutResource(BasicResourcePool.java:477)
    com.mchange.v2.c3p0.impl.C3P0PooledConnectionPool.checkoutPooledConnection(C3P0PooledConnectionPool.java:525)
    com.mchange.v2.c3p0.impl.AbstractPoolBackedDataSource.getConnection(AbstractPoolBackedDataSource.java:128)
    org.hibernate.connection.C3P0ConnectionProvider.getConnection(C3P0ConnectionProvider.java:78)
    org.hibernate.jdbc.ConnectionManager.openConnection(ConnectionManager.java:446)
    org.hibernate.jdbc.ConnectionManager.getConnection(ConnectionManager.java:167)
    org.hibernate.jdbc.JDBCContext.connection(JDBCContext.java:160)
    org.hibernate.transaction.JDBCTransaction.begin(JDBCTransaction.java:81)
    org.hibernate.impl.SessionImpl.beginTransaction(SessionImpl.java:1473)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.hibernate.context.ThreadLocalSessionContext$TransactionProtectionWrapper.invoke(ThreadLocalSessionContext.java:345)
    $Proxy4.beginTransaction(Unknown Source)
    ir.omicc.classes.Publisher.getTop5News(Publisher.java:100)
    org.apache.jsp.index_jsp._jspService(index_jsp.java:229)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:377)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
    sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    java.lang.reflect.Method.invoke(Method.java:597)
    org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269)
    java.security.AccessController.doPrivileged(Native Method)
    javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
    org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301)
    org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)

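2 answers:

Answer 0 (score: 1)

From the stack trace in the exception, it looks like the failure is caused by a physical connection not being found in the connection pool after waiting long enough. The reason for this can be deduced from the following two permissions granted in the policy: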

permission java.net.SocketPermission "*", "resolve"; 
permission java.net.SocketPermission "localhost:5432", "connect,resolve";

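The "connect" action is allowed only to localhost, and only on port 5432. If this is not the database server, then the physical connection is most likely not being created. You need to grant the appropriate permission (SocketPermission) with the required actions (connect, resolve) for the database server.

Note - the exception stack trace does not indicate that a permission was denied when creating the physical connection. This is inferred; you may want to look for other stack traces or other log files, or enable lower-level logging, to determine whether there are other failures.

Related:

  1. c3p0 pool cannot establish a coonection. How to debug this?. The hints in the answers to this question (especially the third one) will go some way toward resolving this problem.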

Answer 1 (score: 1)

Grant the socket permission to your JDBC driver:

grant codeBase "jar:file:${catalina.home}${file.separator}webapps${file.separator}strutsspringjpaexample${file.separator}WEB-INF${file.separator}lib${file.separator}mysql-*.jar!/-" {
    permission java.net.SocketPermission "localhost:3306", "connect";
};
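The inference in answer 0, and the port difference that answer 1 addresses, can be checked against the JDK's own permission classes without installing a security manager. The following is an added example, not code from the question or from either answer: it loads the two SocketPermission grants from the question's policy and tests whether they imply the connection a given JDBC URL needs. The class name, the sample URLs and the database name "exampledb" are assumptions.

```java
import java.net.SocketPermission;
import java.net.URI;
import java.security.Permissions;

public class SocketPolicyCheck {

    // Derive the SocketPermission a JDBC driver needs to open the given URL.
    static SocketPermission required(String jdbcUrl) {
        // Strip the "jdbc:" prefix so the remainder parses as an ordinary URI.
        URI uri = URI.create(jdbcUrl.substring("jdbc:".length()));
        if (uri.getHost() == null || uri.getPort() == -1) {
            throw new IllegalArgumentException(
                    "URL needs an explicit host and port: " + jdbcUrl);
        }
        return new SocketPermission(
                uri.getHost() + ":" + uri.getPort(), "connect,resolve");
    }

    public static void main(String[] args) {
        // The two SocketPermission grants from the question's catalina.policy.
        Permissions granted = new Permissions();
        granted.add(new SocketPermission("*", "resolve"));
        granted.add(new SocketPermission("localhost:5432", "connect,resolve"));

        // Constructed sample URLs; "exampledb" is a placeholder database name.
        String[] urls = {
            "jdbc:postgresql://localhost:5432/exampledb",
            "jdbc:mysql://localhost:3306/exampledb",
        };
        for (String url : urls) {
            SocketPermission needed = required(url);
            // "*" with "resolve" covers name lookup for any host, but only the
            // localhost:5432 grant carries "connect", so other ports fail here.
            System.out.printf("%-45s %s%n", url,
                    granted.implies(needed) ? "allowed" : "DENIED by policy");
        }
    }
}
```

To see the actual denial at runtime rather than the pool timeout, start the JVM with -Djava.security.debug=access,failure, which logs each failed permission check together with the protection domain that lacked it.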